Senior Associate- Information Security & GRC
Department: Information Security
Location: Gurgaon
Job Summary
- Multi-Standard Compliance: Maintain, upgrade, and support compliance frameworks for ISO 27001:2022 (ISMS), ISO 22301:2019 (BCMS), and ISO 42001:2023 (AIMS).
- SOC Reporting: Coordinate and gather evidence for annual SOC 1 and SOC 2 Type II examinations, ensuring alignment with Trust Services Criteria.
- Risk Assessments: Conduct comprehensive InfoSec risk assessments across infrastructure, applications, and business processes. Maintain the corporate Risk Register.
- Business Impact Analysis (BIA): Lead organizational BIAs to identify critical business functions, determine RTOs/RPOs, and align them with disaster recovery plans.
- Mitigation Tracking: Partner with engineering, IT, and legal teams to design, ...